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REMARKS 

Minor editorial corrections have been made to the specification. Claims 1 -2, 7 - 10, 13 - 
16, and 19 -20 have been amended. Claims 21 ^29 have been added No new matter has been 
introduced with these corrections, amendments, or added claims, all of which are supported in the 
specification as originally filed. Claims 1 - 29 are now in the application, 

I. Status Updates to the Op acification 

Paragraph 2 of the Office Action dated February 11, 2004 (hereinafter, "the Office 
Action") requests that the status of citations of U. S. applications be updated in the specification. 
Appropriate amendments have been made herein. 

II. Rejection Under 35 U.S.C. § 102(e) 

Paragraph 3 of the Office states that Claims 1 - 2 f 5 - 10 5 12 - 16, and 18 - 20 are rejected 
under 35 U.S.C §102(e) as being anticipated by U. S. Patent 6,105,13 1 to Carroll. This rejection 
is respectfully traversed. 

Applicants have amended their independent Claims 1 , 9, and 1 4 herein to more clearly 
specify which entities are performing which limitations. While Carroll does discuss authentication 
using digital certificates, a correlation between Applicants' claim limitations and Carroll's 
teachings cannot be made when Applicants* claim limitations are analyzed in detail (including 
which entity performs each limitation). Carroll's teachings and Applicants' claim limitations will 
now be discussed in more detail. 
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Applicants' independent claims specify a secure session established between a client 
machine and a server machine, and a session established between that server machine and a host 
system. Furthermore, Applicants' claim limitations specify use of a host access security system 
and that the session is established using a legacy host communication protocol. Carroll has no 
teaching of using a host access security system or a legacy host communication protocol. 

The text cited in the Office Action for "... accessing a stored password or generating a 
password substitute which is col 3, lines 21 - 33 (see Hnes 6 - 8 on p. 4 of the Office Action), 
refers to the key ring organizer ("KRO") protecting keys at the client This is not generation of a 
password substitute, nor accessing a stored password, by a host access security system. 

In addition, Applicants rind no teaching in Carroll that a first sign-on request identifies a 
secure legacy host application to which sign-on is requested; that a stored password or password 
substitute generated bv a host access sec urity system is refairneH in a s^rv^ alnng « 11<rr 
identifier corresponding to credentials; or that a second sign-on is in any way enabled during a 
secure session such that a new secure session need not be established (i.e., «*without requiring 
establishment of a new secure session", which is the amended claim language of Applicants' 
independent Claims 1, 9, and 14). 



The text cited for the limitation of "passing said second digital certificate ... from said 
server machine to said host access security system", namely col. 8, lines 38 - 41 (see lines 1 - 3 < 
p. 5 of the Office Action), is referring to a newly-create d certificate that is being put in a user's 
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vauh and then sent tothftcjient (i.e., to the browser). This is different from receiving a second 
digital certificate, during an already-established secure session, and then using that second digital 
certificate to complete a sign-on within that secure g^pm of a jxrtentMy-diferent user or to a 
potentially-different application. 

Furthermore, coL 9, lines 1 1 - 13 of Carroll are cited (see fines 4 - 7 on p. 5 of the Office 
Action) as teaching authentication of a second identity using the second digital certificate. 
Applicants respectfully submit that this text merely discusses a second ahernati'w way in which 
the prisma! certificate may be processed when using Carroll's teachings. That is, col. 8, lines 45 - 
49 introduce Fig. 6 by stating that it presents "three possible uses of a digital certificate", and that 
"the location of [the] vault or application [associated with a particular digital certificate] dictates 
which of the three uses of the digital certificate is needed". These three possible uses correspond 
to the paths (1) 112 - 116 m Fig. 6; (2) 118 - 124 in Fig. 6; and (3) 126 - 132 in Fig. 6. For 
example, the path begmning at step 112 is taken if the user attempts to access a vault or 
application on a remote application server (see col. 8, lines 52 - 53); the path beginning at step 
118 is taken if the vault or application to be accessed resides on the same server that issued the 
digital certificate (see col. 9, lines 4 - 6, which are introductory material for the cited text in coL 9, 
lines 11 - 13); or the path begmning at step 126 is taken if the user attempts to contact a secure 
server other than the secure server that issued the digital certificate (see coL 9, lines 22 - 24). 

Three alternative ways for processing a single certificate, as in Carroll's Fig. 6, is not 
relevant to processing a first certificate in one way and then processing a second certificate in 
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another way, as claimed in Applicants' independent claims. Applicants' claimed use of a second 
digital certificate, after having used a first digital certificate within the same secure session, is 
therefore patentabry distinct from Carroll's teachings. Accordingly, Applicants respectfully 
submit that their independent Claims 1, 9, and 1 4 are patentable over Carroll. Dependent Claims 
2, 5 - 8, 10, 12 - 13, 15 - 16, and 18 - 20 are therefore deemed patentable over Carroll as well. 
Accordingly, Applicants respectfully request that the Examiner withdraw the §102 rejection. 

III. Rejection Under 35 U.S.C. 

Paragraph 4 of the Office Action states that Claims 3 - 4, 11, and 17 are rejected under 35 
U.S.C. § 103(a) as being unpatentable over Carroll in view of U. S. Patent 6,178,511 to Cohen et 
al. This rejection is respectfully traversed. 

As demonstrated above. Applicants submit that their independent claims are patentable 
over the teachings of Carroll. Cohen therefore cannot be combined with Carroll to render 
dependent Claims 3 - 4, 7, or 1 1 unpatentable. The Examiner is therefore respectfully requested 
to withdraw the §103 rejection. 

IV. Conclusion 

Applicants respectfully request reconsideration of the pending rejected claims, withdrawal 
of all presently outstanding rejections, and allowance of all claims at an early date. 
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Respectfully submitted, 

Marcia L. Doubet 
Attorney for Applicants 
Reg. No. 40,999 

Customer Number for Correspondence: 25260 
Phone: 407-343-7586 
Fax: 407-343-7587 
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